<?php
require_once ('config.inc.php');
require_once ('utils.inc.php');
error_reporting ( E_ALL );
session_start ();
if (isset ( $_POST ['Password'] ))
	$_SESSION ['adminpwd'] = $_POST ['Password'];
$isAdmin = isset ( $_SESSION ['adminpwd'] ) && md5 ( $_SESSION ['adminpwd'] ) == AdminPwdMD5;
if ($isAdmin) {
	@$con = mysql_connect ( MySQLHost, MySQLUser, MySQLPass );
	if ($con) {
		mysql_select_db ( MySQLDB, $con );
		if (@$result = mysql_query ( 'SHOW TABLE STATUS LIKE \'imglist\'' )) {
			if ($tableStatus = mysql_fetch_assoc ( $result )) {
				$totalRecords = $tableStatus ['Rows'];
				$msg = $totalRecords . " image files hosted.";
			} else
				$msg = 'Not yet installed.';
		} else
			$msg = mysql_error ();
	} else
		$msg = mysql_error ();
}
if ($isAdmin && isset ( $_POST ['Truncate'] )) {
	$sql = 'TRUNCATE `imglist`';
	$result = mysql_query ( $sql );
	if (! $result)
		die ( mysql_error () );
	$dir = opendir ( "upload" );
	while ( $file = readdir ( $dir ) ) {
		$fileParts = pathinfo ( $file );
		$fext = strtolower ( $fileParts ['extension'] );
		if ($fext == 'bin')
			unlink ( "upload/" . $file );
	}
	$msg = "Database and uploaded files truncated.";
}
if ($isAdmin && isset ( $_POST ['Install'] )) {
	$sql = '
   CREATE TABLE `imglist` (
  `imgid` int(8) unsigned NOT NULL AUTO_INCREMENT,
  `ext` varchar(3) COLLATE utf8_unicode_ci NOT NULL DEFAULT \'bin\',
  `uploadip` varchar(15) COLLATE utf8_unicode_ci NOT NULL,
  `uploaddate` datetime NOT NULL,
  `lastdate` datetime NOT NULL,
  `clicks` int(11) NOT NULL DEFAULT \'0\',
  `exp` datetime NOT NULL,
  `bw` float NOT NULL DEFAULT \'0\',
    PRIMARY KEY (`imgid`)
  ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;';
	$result = mysql_query ( $sql );
	if (! $result)
		die ( mysql_error () );
	$msg = "Installed";
}
if ($isAdmin && isset ( $_POST ['Uninstall'] )) {
	$sql = 'DROP TABLE `imglist`';
	$result = mysql_query ( $sql );
	if (! $result)
		die ( mysql_error () );
	$msg = "Table removed. Please delete files manually.";
}
if ($isAdmin && isset ( $_POST ['lowviews'] )) {
	$sql = "SELECT `imgid` FROM `imglist` WHERE `clicks`<2";
	$result = mysql_query ( $sql );
	if (! $result)
		die ( mysql_error () );
	while ( $row = mysql_fetch_row ( $result ) )
		unlink ( "upload/" . encodeID ( $row [0] ) . ".bin" );
	
	$sql = "DELETE FROM `imglist` WHERE `clicks`<2;";
	$result = mysql_query ( $sql );
	$msg = mysql_affected_rows () . " records deleted.";
	if (! $result)
		die ( mysql_error () );
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Image Hosting Admin</title>
<script language="javascript">
function confirmSubmit()
{
	return confirm('Sure?');
}
</script>
</head>

<body>
	<div class="container">
<?php if (isset($msg)) echo "<p>".$msg."</p>"; ?>
<?php

if ($isAdmin) {
	?>
<div class="control">
			<form action="" method="post" enctype="multipart/form-data"
				name="adminAction">
				<input name="Install" type="submit" value="Install"
					onclick="return confirmSubmit();" /> <input name="Truncate"
					type="submit" value="Truncate" onclick="return confirmSubmit();" />
				<input name="Uninstall" type="submit" value="Uninstall"
					onclick="return confirmSubmit();" /> <input name="lowviews"
					type="submit" value="Clean Low View Images"
					onclick="return confirmSubmit();" />
			</form>
			<a href="config.editor.php">Edit config.inc.php</a>
		</div>
<?php } else { ?>
<div class="login">
			<form action="" method="post" enctype="multipart/form-data">
				<input name="Password" type="password" /> <input name="Login"
					type="submit" value="Login" />
			</form>
		</div>
<?php } ?>

</div>
</body>
</html>
